Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number
The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.
Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.
The web page showing the number also contained other personal details for Raab. It has since been removed following extensive correspondence with the website by the Guardian, and the number no longer appears online or via Google.
The foreign secretary has previously warned of the cybersecurity threat posed by rogue states.
In April, it emerged that Boris Johnson’s personal mobile could be found at the bottom of a press release and had been online for 15 years, raising questions over why the confidentiality of senior politicians’ contact details was not thoroughly investigated.
The former UK national security adviser Peter Ricketts said the breach regarding Raab’s number showed more attention must be paid to online security.
“The wide availability of Mr Raab’s personal phone number must increase the risk that other states, or even criminal gangs, have been able to eavesdrop on his calls,” he said. “It also means that anyone who happens to have had his phone number … is able to lobby the foreign secretary, bypassing the official channels which everyone else has to use. Anyone taking on a role as sensitive as this should in their own interests pay as much attention to online as to physical security.”
The shadow foreign secretary, Lisa Nandy, called for an investigation. She said: “This is a staggering lapse in security from a foreign secretary who, only last month, was lecturing Nato allies about the cybersecurity threat posed by authoritarian regimes.
“It is typical of the government’s approach that when it comes to national security and defending democracy they say one thing but do another. This should be the subject of an investigation. Both the prime minister and foreign secretary have failed to protect their own phones. How can we be assured they aren’t as careless with sensitive intelligence and diplomatic cables too?”
The government said it had requested the removal of the web page containing Raab’s details after being alerted by the Guardian.
Johnson’s number was found on a thinktank press release, unearthed by the newsletter Popbitch, related to his work as a shadow higher education minister when he was also MP for Henley, inviting journalists to contact him for comment. The number has since been disconnected.
Last week, the Mail on Sunday reported that MI5 had been given the go-ahead to examine the phone for possible hacks.
Concerns are also said to have been raised over the amount of government business conducted on WhatsApp amid fears over the risk that significant private information could be read if a phone were stolen or hacked.
Senior officials had reportedly advised Johnson to change his phone number due to concerns about how many people had access to it from his time as a journalist, MP and mayor of London, but he is said to have refused.
Johnson was criticised for text message exchanges with the entrepreneur Sir James Dyson and with the Saudi crown prince, Mohammed bin Salman.
Dominic Cummings, formerly the prime minister’s most senior aide, recently revealed details of government WhatsApp groups that coordinated the coronavirus pandemic response, involving the prime minister, health secretary and the country’s most senior medical and scientific advisers.
A Foreign, Commonwealth and Development Office spokesperson said: “Private information was wrongly retained online, before the foreign secretary’s appointment. Once we were made aware, we had it removed immediately. Most of it was out of date, and no security was compromised.”
Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.
The web page showing the number also contained other personal details for Raab. It has since been removed following extensive correspondence with the website by the Guardian, and the number no longer appears online or via Google.
The foreign secretary has previously warned of the cybersecurity threat posed by rogue states.
In April, it emerged that Boris Johnson’s personal mobile could be found at the bottom of a press release and had been online for 15 years, raising questions over why the confidentiality of senior politicians’ contact details was not thoroughly investigated.
The former UK national security adviser Peter Ricketts said the breach regarding Raab’s number showed more attention must be paid to online security.
“The wide availability of Mr Raab’s personal phone number must increase the risk that other states, or even criminal gangs, have been able to eavesdrop on his calls,” he said. “It also means that anyone who happens to have had his phone number … is able to lobby the foreign secretary, bypassing the official channels which everyone else has to use. Anyone taking on a role as sensitive as this should in their own interests pay as much attention to online as to physical security.”
The shadow foreign secretary, Lisa Nandy, called for an investigation. She said: “This is a staggering lapse in security from a foreign secretary who, only last month, was lecturing Nato allies about the cybersecurity threat posed by authoritarian regimes.
“It is typical of the government’s approach that when it comes to national security and defending democracy they say one thing but do another. This should be the subject of an investigation. Both the prime minister and foreign secretary have failed to protect their own phones. How can we be assured they aren’t as careless with sensitive intelligence and diplomatic cables too?”
The government said it had requested the removal of the web page containing Raab’s details after being alerted by the Guardian.
Johnson’s number was found on a thinktank press release, unearthed by the newsletter Popbitch, related to his work as a shadow higher education minister when he was also MP for Henley, inviting journalists to contact him for comment. The number has since been disconnected.
Last week, the Mail on Sunday reported that MI5 had been given the go-ahead to examine the phone for possible hacks.
Concerns are also said to have been raised over the amount of government business conducted on WhatsApp amid fears over the risk that significant private information could be read if a phone were stolen or hacked.
Senior officials had reportedly advised Johnson to change his phone number due to concerns about how many people had access to it from his time as a journalist, MP and mayor of London, but he is said to have refused.
Johnson was criticised for text message exchanges with the entrepreneur Sir James Dyson and with the Saudi crown prince, Mohammed bin Salman.
Dominic Cummings, formerly the prime minister’s most senior aide, recently revealed details of government WhatsApp groups that coordinated the coronavirus pandemic response, involving the prime minister, health secretary and the country’s most senior medical and scientific advisers.
A Foreign, Commonwealth and Development Office spokesperson said: “Private information was wrongly retained online, before the foreign secretary’s appointment. Once we were made aware, we had it removed immediately. Most of it was out of date, and no security was compromised.”